package net.zoneland.zrdp.common.xss;

import com.fasterxml.jackson.core.JsonGenerator;
import com.fasterxml.jackson.databind.JsonSerializer;
import com.fasterxml.jackson.databind.SerializerProvider;
import net.zoneland.zrdp.common.utils.html.HtmlXssFilter;

import java.io.IOException;

public class XssSanitizeSerializer extends JsonSerializer<String> {

    @Override
    public void serialize(final String value, final JsonGenerator gen, final SerializerProvider serializers) throws IOException {
        if (value != null) {
            // 在这里实现你的XSS清理逻辑
            final String cleanValue = sanitizeString(value);
            gen.writeString(cleanValue);
        }
    }

    // 示例清理方法
    private String sanitizeString(final String input) {
        // 使用一个适当的库或方法来清理输入
        return HtmlXssFilter.filter(input);
    }
}
